CVE-2024-46475

Name of the Vulnerable Software and Affected Versions Metronic Admin Dashboard Template version 2.0

Description A reflected cross-site scripting (XSS) vulnerability on the homepage of Metronic Admin Dashboard Template allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.

Recommendations For Metronic Admin Dashboard Template version 2.0, consider disabling access to the homepage until a patch is available to prevent exploitation of the reflected XSS vulnerability. Restrict input validation to minimize the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.